CVE-2026-6897 | Wishlist Member Plugin up to 3.30.1 on WordPress REST API Team_Accounts privileges management

Inserito da Angelo Barbosa | Mag 23, 2026 | CVE

A vulnerability classified as critical has been found in Wishlist Member Plugin up to 3.30.1 on WordPress. This affects the function Team_Accounts of the component REST API. Performing a manipulation results in improper privilege management.

This vulnerability is identified as CVE-2026-6897. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-6897 | Wishlist Member Plugin up to 3.30.1 on WordPress REST API Team_Accounts privileges management

Post correlati

CVE-2026-34533 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 ICC ApplySequence reliance on undefined, unspecified, or implementation-defined behavior (ID 664)

CVE-2024-27843 | Apple macOS up to 14.4 Local Privilege Escalation (HT214106)

CVE-2023-45169 | IBM AIX/VIOS pmsvcs Kernel Extension denial of service

CVE-2025-68865 | Infility Global Plugin up to 2.14.48 on WordPress sql injection